Microsoft
Here are some of the key reasons why you would want to run Unified Access Gateway with DirectAccess.
Researcher sees Patch Tuesday 'nightmare'
Usual rules may not apply, given volume and complexity of Microsoft security update
October 13, 2009 04:12 PM ETComputerworld - Corporate security and network administrators face a "nightmare" task just trying to figure out what to patch and what to let slide after Microsoft issued its biggest-ever batch of updates today, researchers argued.
"This is the biggest number of bulletins," said Jason Miller, the security and data team manager for patch management vendor Shavlik Technologies. "It's also the biggest number of individual patches."
The bottom line, said Miller: "This is an administrative nightmare, just trying to get a good grasp of what's out there."
Wolfgang Kandek, the chief technology officer at Qualys, agreed. "This is a huge release," said Kandek. "No one will be untouched."
Today's security updates from Microsoft were unprecedented, with 13 separate bulletins that quashed 34 vulnerabilities. Both were records for the company since it began delivering monthly updates six years ago.
Miller and Kandek noted that several of the security bulletins were extraordinarily complex, which will only complicate the chore of deciding what to patch immediately, and what can wait.
"Just focus on MS09-062," said Miller, speaking of the bulletin that patched eight different bugs in the GDI+ (Graphics Device Interface) component within Windows. "The sheer number of products listed as affected is immense."
Microsoft acknowledged that the GDI+ patches affected Windows XP, Vista, Server 2003, Server 2008, Internet Explorer (IE), .NET Framework, all supported editions of Office, SQL Server, Visual Studio and Forefront Client Security.
"GDI touches everything," said Kandek. "And it's a complicated component."
"We're talking about an older technology that's been around for awhile," added Miller, referring to the familiarity hackers have with GDI, and thus the increased likelihood that they will be able to craft exploits for the bugs Microsoft revealed today. "The vulnerabilities affect a lot of different file formats, including Office. If you're running anything made by Microsoft, you're probably going to be affected by this one."
Patch Tuesday
Additional Resources
Microsoft
Review how one energy firm tightened protection and simplified IT work using business-ready security solutions.
Sybase
In this white paper, IDC analyzes the role of next-generation mobile enterprise platforms as organizations seek a more strategic deployment of mobile solutions.
Learn the important issues you must consider before starting your next mobility initiative. Get your mobility white paper from IDC now, compliments of Sybase.
Learn the important issues you must consider before starting your next mobility initiative. Get your mobility white paper from IDC now, compliments of Sybase.
White Papers & Webcasts
Death to PST Files
Download Now
The Tangled Web: Silent Threats & Invisible Enemies
Download Now
Tape Killed the IT Guy
Watch Now
Forrester Consulting Mobility Study: Taking Control of Enterprise Mobile Device Diversity
Download Now
BRM: What You Can Do To Reduce Risk In Challenging Times
Watch this webcast now!
What IT Must Do to Support Employee-Owned BlackBerry, iPhone and Android Mobile Devices
Download Now
Web 2.0, Social Media and the Dark Web - A Web Criminals Paradise?
In this discussion, learn about the challenges of protecting your users from the potentially unsafe content hidden in the "Dark Web".
eGuide: Enterprise Security
Smart Security Strategies for 2010. Read now!
Disaster Recovery 2008: Reduced Costs and Improved Performance
How long can your Enterprise afford to be without your data? With an accelerated disaster recovery program, you never have to answer this...
Computerworld Reports
Sign up to receive updates on the latest Security resources
